On the third day of Google I / O 2019 the company has outlined the new security features of Android Q , demonstrating that they take the integrity of our data and devices very seriously.
From Android Q our devices will be much more secure against attackers and malicious applications thanks to these security innovations:
The devices that launch with Android Q will encrypt the data of the users without exceptions. Encryption will no longer be optional as it has been until now. Any mobile, tablet, watch, TV or device for the vehicle must be encrypted.
The less powerful devices whose processor does not have hardware support for AES encryption will use the new Adiantum encryption that Google introduced last February. Adiantum is based on the ChaCha20 encryption , which is five times faster than AES encryption when hardware acceleration is not available.
Android Q also brings another encryption, compatibility with TLS 1.3 to protect the transfer of data and information that is exchanged between our device and the Internet. This new version of the TLS standard is 40% faster and safer. It has eliminated compatibility with weaker cryptographic algorithms along with features that have become unsafe or obsolete.
The new version of Android Q is strengthened against attacks isolating some processes prone to attacks such as media (codecs), Bluetooth and the core, thus reducing its attack surface, for individual implementation errors are insufficient to avoid system security systems operative they can not be exploited to make vulnerabilities more difficult or impossible to exploit, and to increase the amount of vulnerabilities an attacker needs to achieve their goals.
The Bio metric Prompt API released in Android Pie, and which is what allows applications to use biometrics, such as the face, fingerprint and iris for identification is improved in Android Q by adding implicit authentication and explicit authentication.
With explicit authentication, the user will have to perform an action to continue , such as placing a finger on the fingerprint sensor. If you are using the face or iris for authentication, then you must touch an additional button to continue. Explicit authentication is the default method and will be mandatory for high-value transactions, such as payments.
Implicit authentication does not require any additional user action. The device already identifies us automatically in easily reversible actions, such as a login or autocomplete.
In the future
Another security innovation that will come in the future, surely in future versions of Android, is the electronic identification , so that we can carry our driver’s license, ID or passport on our mobile . The Android Security and Privacy team is leading this initiative that requires experience in cryptology for ISO standardization.